[Mimedefang] Please help with filter!

Mark Penkower mark at roycenet.com
Thu Apr 1 16:27:43 EST 2004 

I have attached my mimedefang-filter.

All that I need fot it to do is to block the banned extensions and to
add the boilerplate disclaimer.  I know that this does not work because
I have the wrong number of brackets somewhere.

This is driving me up a wall!

Could somebody please post the corrected code.


Thank you so much.


Mark Penkower

# -*- Perl -*-
#***********************************************************************
#
# mimedefang-filter
#
# Suggested minimum-protection filter for Microsoft Windows clients,
plus
# SpamAssassin checks if SpamAssassin is installed.
#
# Copyright (C) 2002 Roaring Penguin Software Inc.
#
# This program may be distributed under the terms of the GNU General
# Public License, Version 2, or (at your option) any later version.
#
# $Id: suggested-minimum-filter-for-windows-clients,v 1.72 2003/11/14
21:33:20 dfs Exp $
#***********************************************************************

#***********************************************************************
# Set administrator's e-mail address here.  The administrator receives
# quarantine messages and is listed as the contact for site-wide
# MIMEDefang policy.  A good example would be
'defang-admin at mydomain.com'
#***********************************************************************
$AdminAddress = 'mark at roycenet.com';
$AdminName = "Mark Penkower";

#***********************************************************************
# Set the e-mail address from which MIMEDefang quarantine warnings and
# user notifications appear to come.  A good example would be
# 'mimedefang at mydomain.com'.  Make sure to have an alias for this
# address if you want replies to it to work.
#***********************************************************************
$DaemonAddress = 'mimedefang at roycenet.com';

#***********************************************************************
# If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard
# to add warnings directly in the message body (text or html) rather
# than adding a separate "WARNING.TXT" MIME part.  If the message
# has no text or html part, then a separate MIME part is still used.
#***********************************************************************
$AddWarningsInline = 0;

#***********************************************************************
# To enable syslogging of virus and spam activity, add the following
# to the filter:
md_graphdefang_log_enable();
# You may optionally provide a syslogging facility by passing an
# argument such as:  md_graphdefang_log_enable('local4');  If you do
this, be
# sure to setup the new syslog facility (probably in /etc/syslog.conf).
# An optional second argument causes a line of output to be produced
# for each recipient (if it is 1), or only a single summary line
# for all recipients (if it is 0.)  The default is 1.
# Comment this line out to disable logging.
#***********************************************************************
md_graphdefang_log_enable('mail', 1);

#***********************************************************************
# Uncomment this to block messages with more than 50 parts.  This will
# *NOT* work unless you're using Roaring Penguin's patched version
# of MIME tools, version MIME-tools-5.411a-RP-Patched-02 or later.
#
# WARNING: DO NOT SET THIS VARIABLE unless you're using at least
# MIME-tools-5.411a-RP-Patched-02; otherwise, your filter will fail.
#***********************************************************************
# $MaxMIMEParts = 50;

#***********************************************************************
# Set various stupid things your mail client does below.
#***********************************************************************

# Set the next one if your mail client cannot handle nested multipart
# messages.  DO NOT set this lightly; it will cause action_add_part to
# work rather strangely.  Leave it at zero, even for MS Outlook, unless
# you have serious problems.
$Stupidity{"flatten"} = 0;

# Set the next one if your mail client cannot handle multiple "inline"
# parts.
$Stupidity{"NoMultipleInlines"} = 0;

# This procedure returns true for entities with bad filenames.
#sub filter_bad_filename ($) {
#    my($entity) = @_;
#    my($bad_exts, $re);

# Bad extensions

    $bad_exts =
'(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|fxp|hlp|ht
a|hto|inf|ini|ins|isp|jar|js|jse|lib|lnk|mdb|mde|msc|msi|msp|mst|pcd|prg
|reg|scr|sct|sh|shb|shs|sys|url|vb|vbe|vbg|vbs|vcs|vxd|wmd|wms|wmz|wsc|w
sf|wsh|zls|\{[^\}]+\})';
    



#***********************************************************************
# %PROCEDURE: filter_begin
# %ARGUMENTS:
#  None
# %RETURNS:
#  Nothing
# %DESCRIPTION:
#  Called just before e-mail parts are processed
#***********************************************************************
sub filter_begin () {
    
#***********************************************************************
# %PROCEDURE: filter
# %ARGUMENTS:
#  entity -- a Mime::Entity object (see MIME-tools documentation for
details)
#  fname -- the suggested filename, taken from the MIME
Content-Disposition:
#           header.  If no filename was suggested, then fname is ""
#  ext -- the file extension (everything from the last period in the
name
#         to the end of the name, including the period.)
#  type -- the MIME type, taken from the Content-Type: header.
#
#  NOTE: There are two likely and one unlikely place for a filename to
#  appear in a MIME message:  In Content-Disposition: filename, in
#  Content-Type: name, and in Content-Description.  If you are paranoid,
#  you will use the re_match and re_match_ext functions, which return
true
#  if ANY of these possibilities match.  re_match checks the whole name;
#  re_match_ext checks the extension.  See the sample filter below for
usage.
# %RETURNS:
#  Nothing
# %DESCRIPTION:
#  This function is called once for each part of a MIME message.
#  There are many action_*() routines which can decide the fate
#  of each part; see the mimedefang-filter man page.
#***********************************************************************

   if (filter_bad_filename($entity)) {
       md_graphdefang_log('bad_filename', $fname, $type);
#	action_notify_administrator("A MULTIPART attachment of type
$type, named $fname was dropped.\n");
	return action_bounce("We are not accepting emails with
attachments of this type");
   }
 
   return action_accept();
}

sub filter_end {
                        my($entity) = @_;
                        append_text_boilerplate($entity,
                             "We are not laible", 0);
                        append_html_boilerplate($entity,
                             "<em>We</em> Are not liable", 0);

                   }    



1;

More information about the MIMEDefang mailing list